Using a Wwwroot Folder (ASP.NET Core Style) in ASP.NET 4.5 Project

Using a wwwroot folder (ASP.NET Core style) in ASP.NET 4.5 project

I believe I have a working method for doing this now. Took a bit of googling and experimentation, but in the end I came up with the following process:

  1. Create a new ASP.NET 4.5 project in VS2015, selecting the Empty Template

  2. Add OWIN references through nuget (Install-Package Microsoft.Owin.Host.SystemWeb and Microsoft.Owin.StaticFiles)

  3. Add a startup file similar to this:

    [assembly: OwinStartup(typeof(MyApp.Startup))]
    namespace MyApp.UI
    {
        public class Startup
        {
            public void Configuration(IAppBuilder app)
            {
                string root = AppDomain.CurrentDomain.BaseDirectory;
                var physicalFileSystem = new PhysicalFileSystem(Path.Combine(root, "wwwroot"));
                var options = new FileServerOptions
                {
                    RequestPath = PathString.Empty,
                    EnableDefaultFiles = true,
                    FileSystem = physicalFileSystem
                };
                options.StaticFileOptions.FileSystem = physicalFileSystem;
                options.StaticFileOptions.ServeUnknownFileTypes = false;
                app.UseFileServer(options);
            }
        }
    }

  4. Add the following to your web.config file, to prevent IIS from serving static files you don't want it to, and force everything through the OWIN pipeline:

    <system.webServer>
        <handlers>
          <remove name="StaticFile"/>
          <add name="Owin" verb="" path="*" type="Microsoft.Owin.Host.SystemWeb.OwinHttpHandler, Microsoft.Owin.Host.SystemWeb"/>
        </handlers>
      </system.webServer>

I'm always open to better suggestions on how to do this, but this at least seems to work for me.

Asp.net core Protect Folder out side wwwroot

You can use middleware for this. Namely Map allows to execute required middleware for a path

app.Map("/app-data", appBuilder =>
{
    appBuilder.UseFilter();

    appBuilder.UseFileServer(new FileServerOptions
    {
        FileProvider = new PhysicalFileProvider($@"{Configuration["AppConfiguration:PhysicalDirectoryBasePath"]}"),
        RequestPath = new PathString(""), //empty, because root path is in Map now
        EnableDirectoryBrowsing = false
    });
}

Filter middleware

public class FilterMiddleware
{
    private readonly RequestDelegate _next;

    public FilterMiddleware(RequestDelegate next)
    {
        _next = next;
    }

    public async Task InvokeAsync(HttpContext httpContext)
    {
        if (httpContext.Request.Headers["API-KEY"] == "secret key")
        {
            //proceed serving files
            await _next(httpContext);
        }
        else
        {
            //return you custom response
            await httpContext.Response.WriteAsync("Forbidden");
        }
    }
}

Extension class allows to call UseFilter

public static class FilterMiddlewareExtensions
{
    public static IApplicationBuilder UseFilter(this IApplicationBuilder applicationBuilder)
    {
        return applicationBuilder.UseMiddleware<FilterMiddleware>();
    }
}

ASP.NET Core publish of wwwroot subfolders starting with '.'

I had this problem too, I need to publish some static files in wwwroot/.well-known folder for LetsEncrypt validation

Just "include" the folder in the project, then press F4 on its files and in the "properties" set "copy to output folder"

Alternatively just copy-paste this into your .csproj

<ItemGroup>
  <Content Include="wwwroot\.well-known\*">
      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
  </Content>
</ItemGroup>

Should I create my folder for file uploads under wwwroot inside visual studio?

To the best of my understanding, unless you take special precautions, files under wwwroot can be downloaded freely by users, bots, etc. with no authentication. If the files are not sensitive in nature, then there is nothing wrong with using wwwroot.

If you want to provide security at the controller level (e.g., a user can only view their own files), then it's probably better to put them elsewhere in the file system. The path is kind of arbitrary, but the security settings on the folder must be set in such a way that the dotnet process can access it. You can give Everyone full access, or be more restrictive if you see fit. This is done directly on the OS of the server, assuming that you have access to it.

ASP.NET Core hosted in a Windows Service - static files not being served (i.e. contents of /wwwroot)

In the Startup.cs class Configure() function, I needed to add the following: 

app.UseStaticFiles(new StaticFileOptions
{
    FileProvider = new PhysicalFileProvider(
        Path.Combine(workingDirectoryPath, "wwwroot"))
});

where 'workingDirectoryPath' was an absolute path to the directory where my service executable is, e.g. "C:\MyService"


Related Topics

How to Save Dlls in a Different Folder When Compiling in Visual Studio

Rotate Flot Tick Labels

Windows Form Application Exception

How to Get Float Value with SQLdatareader

Block Request for Multiple Unsuccessful Logins for a Period of Time

Attach Debugger to Iis Instance

Linq-To-Sql: Recursively Get Children

Soap Authentication Fails When Running a C# App on a Linux Box

How to Install Python for .Net on Windows

Android Emulator Not Connecting to Localhost API

Dotnet.Highcharts: Cost Not Plotted Against the Correct Date

Using SQL Convert Function Through Nhibernate Criterion

Download a File from Azure Devops Server Writes Wrong Data to The File

How to Validate That a String Doesn't Contain HTML Using C#

How to Add a Reference to an Unmanaged C++ Project Called by a C# Project

Escaping the Escape Character Does Not Work - SQL Like Operator

Xamarin Visual Studio iOS Development Without a Mac

C#: Referencing or Using .So Files in .Net Core on Linux


Leave a reply



Submit